Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32372e302f32342d3332203d3e203531313637.roa
File: 3138352e3231332e32372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: hFC4WyXZixXmzXqhts67GADI8zMNGjf84IcOHIt+ICE=
Subject key identifier: 8D:37:EF:D9:EB:93:09:BF:6E:A2:8A:8C:44:E5:26:93:02:7B:84:1D
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 07EC593083EFA1F02E84E11FB9B772560FB68783
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:37 +0000
ROA not before: Mon 26 Feb 2024 08:48:37 +0000
ROA not after: Mon 24 Feb 2025 08:53:37 +0000
asID: 51167
IP address blocks: 185.213.27.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.mft
rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ec:59:30:83:ef:a1:f0:2e:84:e1:1f:b9:b7:72:56:0f:b6:87:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:37 2024 GMT
Not After : Feb 24 08:53:37 2025 GMT
Subject: CN=8D37EFD9EB9309BF6EA28A8C44E52693027B841D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:30:4a:49:5c:cc:fb:82:f6:b8:60:e9:18:
68:08:3e:5f:50:24:c1:e1:09:25:ab:60:9d:a3:cf:
12:af:ff:2a:b0:db:b3:fa:1c:85:79:39:88:e2:9c:
fd:63:2b:49:7b:3a:5b:e5:f0:34:26:63:dc:9b:a5:
ed:14:69:78:01:54:21:5e:c7:b1:27:e8:7e:d3:5d:
69:b7:d1:37:f3:52:ca:7f:53:b1:bd:97:e7:f7:6f:
da:44:62:d8:52:33:ba:38:c8:ce:33:6a:a0:37:d5:
57:92:0e:c4:1c:57:ab:37:8c:22:75:dd:2d:26:1d:
8a:72:2c:e2:86:30:d1:63:80:13:0c:75:10:b0:04:
be:82:3a:2d:ce:b2:a0:df:fe:8d:80:f8:b0:ee:e6:
48:a9:aa:11:fd:86:e9:e3:08:6c:bc:b6:55:2f:5d:
51:48:d4:df:4c:b0:78:52:65:e6:50:71:3e:fd:a4:
7b:c7:96:ae:40:0c:7c:d9:ee:fe:11:37:fc:6b:e1:
e7:f5:97:3b:89:e3:18:a5:da:1e:78:ca:de:15:ce:
60:12:86:53:2f:35:69:7a:67:f3:1e:26:3a:13:af:
86:58:e1:ba:a9:0f:87:80:da:38:0e:47:aa:76:4f:
cd:87:2b:e7:4d:8a:b2:0e:48:e5:72:c3:39:ea:30:
02:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:37:EF:D9:EB:93:09:BF:6E:A2:8A:8C:44:E5:26:93:02:7B:84:1D
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3231332e32372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.27.0/24
Signature Algorithm: sha256WithRSAEncryption
87:5f:46:f6:7a:1c:9b:54:1e:73:eb:97:68:1b:47:b6:a7:f4:
8b:be:e5:a3:11:77:10:6d:18:4e:46:c8:12:a1:73:8a:a4:24:
59:7c:45:f2:22:86:b6:f1:80:85:c2:2a:de:a2:91:44:77:a0:
fa:b9:df:be:63:fe:4a:05:f2:40:2c:71:19:65:b2:e1:1f:cc:
f7:4c:e6:9d:fa:bf:03:3f:df:d8:31:59:71:2d:5d:8d:15:2f:
53:82:8a:c7:57:38:99:7f:eb:d4:ba:c7:e5:aa:73:81:d7:9d:
67:0c:7b:d0:b2:39:99:ab:7d:ca:0d:50:73:cd:e7:37:3e:18:
af:b5:50:2e:9a:2c:4d:15:40:9c:8e:02:ac:31:10:db:d7:1b:
94:4d:d6:f8:49:88:aa:e6:11:9a:1b:87:c7:99:7a:fa:d0:47:
e7:42:e7:92:fb:7e:9d:d8:b3:38:97:86:a5:b5:ba:17:11:56:
ae:52:fd:74:cc:f7:13:10:7d:6b:eb:ad:8f:bd:b3:f3:7d:f7:
6d:18:c6:df:be:92:07:66:f2:83:89:a6:0c:17:ec:35:0c:3f:
7b:76:b9:35:64:d6:e7:ec:87:29:ac:ea:50:ec:44:7a:6b:45:
84:b0:84:e2:9c:16:a1:66:92:36:c4:16:3c:b3:75:8e:72:62:
fb:08:b9:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUB+xZMIPvofAuhOEfubdyVg+2h4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzdaFw0yNTAyMjQwODUzMzdaMDMxMTAvBgNV
BAMTKDhEMzdFRkQ5RUI5MzA5QkY2RUEyOEE4QzQ0RTUyNjkzMDI3Qjg0MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1VDBKSVzM+4L2uGDpGGgIPl9Q
JMHhCSWrYJ2jzxKv/yqw27P6HIV5OYjinP1jK0l7Olvl8DQmY9ybpe0UaXgBVCFe
x7En6H7TXWm30TfzUsp/U7G9l+f3b9pEYthSM7o4yM4zaqA31VeSDsQcV6s3jCJ1
3S0mHYpyLOKGMNFjgBMMdRCwBL6COi3OsqDf/o2A+LDu5kipqhH9hunjCGy8tlUv
XVFI1N9MsHhSZeZQcT79pHvHlq5ADHzZ7v4RN/xr4ef1lzuJ4xil2h54yt4VzmAS
hlMvNWl6Z/MeJjoTr4ZY4bqpD4eA2jgOR6p2T82HK+dNirIOSOVywznqMAL1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjTfv2euTCb9uooqMROUmkwJ7hB0wHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMjMxMzMyZTMy
MzcyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udUbMA0GCSqGSIb3DQEBCwUAA4IBAQCHX0b2ehybVB5z65doG0e2p/SLvuWjEXcQ
bRhORsgSoXOKpCRZfEXyIoa28YCFwireopFEd6D6ud++Y/5KBfJALHEZZbLhH8z3
TOad+r8DP9/YMVlxLV2NFS9TgorHVziZf+vUusflqnOB151nDHvQsjmZq33KDVBz
zec3PhivtVAumixNFUCcjgKsMRDb1xuUTdb4SYiq5hGaG4fHmXr60EfnQueS+36d
2LM4l4altboXEVauUv10zPcTEH1r662PvbPzffdtGMbfvpIHZvKDiaYMF+w1DD97
drk1ZNbn7IcprOpQ7ER6a0WEsITinBahZpI2xBY8s3WOcmL7CLn7
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org